* On Windows hosts, if VMCI is enabled, a guest can execute arbitrary code in the context of the vmx process on the host. This is a compiler-dependent vulnerability. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the CVE number CVE-2008-2099 to this issue. (bug 234208) * A security vulnerability related to the host-guest file system (HGFS) could cause a buffer overflow. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the CVE number CVE-2008-2098 to this issue. (bug 234214)